Director, Cybersecurity

Zenas BioPharma
Waltham, MA
Hybrid

About The Position

Zenas is a clinical-stage global biopharmaceutical company committed to becoming a leader in the development and commercialization of transformative therapies for patients with autoimmune diseases. Our core business strategy combines our experienced leadership team with a disciplined product candidate acquisition approach to identify, acquire and develop product candidates globally that we believe can provide superior clinical benefits to patients living with autoimmune diseases.

Zenas is advancing two late-stage, potential franchise molecules, obexelimab and orelabrutinib. Obexelimab, Zenas’ lead product candidate, is a bifunctional monoclonal antibody designed to bind both CD19 and FcγRIIb, which are broadly present across B cell lineage, to inhibit the activity of cells that are implicated in many autoimmune diseases without depleting them. We believe that obexelimab’s unique mechanism of action and self-administered, subcutaneous injection regimen may broadly and effectively address the pathogenic role of B cell lineage in chronic autoimmune disease. Orelabrutinib is a potentially best-in-class, highly selective CNS-penetrant, oral, small molecule Bruton’s Tyrosine Kinase (BTK) inhibitor with the potential to address compartmentalized inflammation and disease progression in Multiple Sclerosis (MS). Zenas’ earlier stage programs include a preclinical, potentially best-in-class, oral, IL-17AA/AF inhibitor, and a preclinical, potentially best-in-class, oral, brain-penetrant, TYK2 inhibitor.

We are seeking top talent who share our commitment to patients and have a track record of success in acquiring, developing and commercializing products across the globe.
Our colleagues have an opportunity to engage in a fast-paced learning environment and experience individual and organizational success as we work towards becoming a global immunology and autoimmune disease leader, while living our values of Transparency, Relationships, Urgency, Excellence and Innovation – TRUE Innovation!

Position Summary: The Director of Cybersecurity will serve as the cybersecurity leader for Zenas BioPharma, responsible for defining, implementing, and managing the company’s cybersecurity program, data privacy initiatives, and third-party risk management framework. Reporting directly to the Head of Information Technology, this individual contributor role partners across the organization to protect sensitive intellectual property, clinical trial data, patient information, and corporate systems.

This is a hands-on leadership role well suited for a cybersecurity professional comfortable working in a fast-paced, lean biotech environment. The Director will own both strategic vision and tactical execution, working with managed security service providers (MSSPs) and vendor partnerships to deliver strong security capabilities. The right candidate will bring solid experience in regulated industries and the ability to operate effectively as Zenas advances toward commercial launch and increased regulatory scrutiny.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, Information Technology, Business Management, or a related field.
  • 10+ years of progressive experience in information security or cybersecurity, with at least 3 years in a senior or leadership capacity.
  • Demonstrated experience building or growing a cybersecurity program within a regulated industry (biotech, pharmaceutical, defense, or life sciences strongly preferred).
  • Deep working knowledge of cybersecurity frameworks and standards: NIST CSF, NIST 800-53, ISO 27001, CIS Controls.
  • Hands-on experience with security operations including incident response, threat intelligence, vulnerability management, and security architecture across cloud (AWS, Azure) and on-premises environments.
  • Track record of managing MSSPs and outsourced security service providers, with strong vendor management and contract negotiation skills.
  • Strong understanding of data privacy regulations including HIPAA, GDPR, and U.S. state privacy laws.
  • Experience supporting SOX IT General Controls and participating in regulatory audits or inspections.
  • Excellent communication skills with the ability to translate complex security concepts for non-technical audiences, including executive leadership and Board members.
  • Self-directed and highly motivated, with the ability to operate effectively as an individual contributor in a lean, fast-paced organization.

Nice To Haves

  • Industry certifications such as CISSP, CISM, CISA, CRISC, Security+, or GIAC certifications.
  • Prior experience at a clinical-stage or pre-commercial biotech company moving through the transition to commercial operations.
  • Experience in a publicly traded company subject to SEC reporting and SOX requirements.
  • Familiarity with FDA regulations (21 CFR Part 11, GxP) and their intersection with cybersecurity and data integrity.
  • Experience with cloud security architectures (AWS, Azure) and SaaS-heavy environments.
  • Experience presenting cybersecurity posture and risk to Boards of Directors or Audit Committees.
  • Knowledge of AI/ML security risks and governance frameworks for emerging technologies.
  • Background in defense or government-regulated cybersecurity environments (e.g., DoD, DCSA) is a plus.

Responsibilities

  • Develop and execute the enterprise cybersecurity strategy, roadmap, and supporting policies aligned with business objectives, regulatory obligations, and the company’s risk appetite.
  • Manage and continuously improve the cybersecurity program including threat detection and response, vulnerability management, endpoint protection, identity and access management, email security, and cloud security.
  • Own the cybersecurity incident response plan; lead investigation and remediation efforts for security events and breaches, coordinating with external forensic resources as needed.
  • Conduct regular risk assessments and penetration tests; drive remediation across on-premises, cloud, and SaaS environments.
  • Stay current on emerging threats, including AI-driven threats, ransomware, and supply chain attacks targeting the pharmaceutical sector, and implement security technologies such as Zero Trust, SASE, MFA, and EDR.
  • Establish and report on cybersecurity metrics and KPIs to IT leadership, executive management, and the Board of Directors.
  • Develop and deliver a company-wide cybersecurity awareness and training program, building security awareness across all levels of the organization.
  • Serve as the IT operational lead for data privacy, partnering with Legal and Compliance to ensure adherence to HIPAA, GDPR, U.S. state privacy laws, and emerging global requirements.
  • Develop and maintain data classification, data loss prevention (DLP), and data handling policies and procedures.
  • Ensure alignment of the cybersecurity program with NIST Cybersecurity Framework (CSF), NIST 800-53, ISO 27001, and CIS Controls.
  • Support SOX IT General Controls (ITGCs) related to cybersecurity, including access management, change management, and security monitoring.
  • Partner with Quality and IT Compliance teams to support FDA, EMA, and other regulatory inspection readiness as it relates to cybersecurity and data integrity.
  • Build and manage a scalable third-party risk management (TPRM) program to assess, monitor, and mitigate cybersecurity and privacy risks across Zenas’s vendor and partner ecosystem, including CROs, CMOs, and cloud service providers.
  • Serve as the primary relationship owner for MSSPs, MDR providers, and cybersecurity technology vendors; define and manage SLAs, performance metrics, and escalation procedures.
  • Partner with Procurement and Legal to ensure appropriate security and privacy requirements are incorporated into contracts and service-level agreements.
  • Manage the cybersecurity budget in coordination with the Head of IT, ensuring cost-effective investment aligned with risk priorities.

Benefits

  • The position is eligible for a competitive compensation and benefits package.
  • Our base salary is just one component of Zenas’ competitive total rewards strategy that also includes annual performance bonus, equity, full range of benefits and other incentive compensation plans.